Automated and Controlled Patch Generation for Enhanced Fixing of Communication Software Vulnerabilities

Abstract

Software is a crucial component in the communication systems, and its security is of paramount importance. However, it is susceptible to different types of attacks due to potential vulnerabilities. Meanwhile, significant time and effort is required to fix such vulnerabilities. We propose an automated program repair method based on controlled text generation techniques. Specifically, we utilize a fine-tuned language model for patch generation and introduce a discriminator to evaluate the generation process, selecting results that contribute most to vulnerability fixes. Additionally, we perform static syntax analysis to expedite the patch verification process. The effectiveness of the proposed approach is validated using QuixBugs and Defects4J datasets, demonstrating significant improvements in generating correct patches compared to other existing methods.